Description
During the scan, Kayran managed to find that the Login Credentials are being Sent In Clear Text.
This vulnerability is caused when a user’s credentials are transmitted unencrypted. The credentials must be transmitted via HTTPS in order to prevent malicious users from intercepting this information.
Attackers could intercept, stealing the information using a MITM (Man-in-the-middle) attack to retrieve the credentials that are being sent in Clear text. The software transmits sensitive or security-critical data in clear text in a communication channel. That can be sniffed by unauthorized actors.
Recommendation
To prevent this vulnerability, make sure that the site transmits to the server by using trusted and encrypted connections (HTTPS).
